Login

Snippets by sean

Snippet List

apache authentication via cookies

Enables cookie based authentication with apache. I needed user authentication for some static files, but couldn't use the method described [here](http://www.djangoproject.com/documentation/apache_auth/) as this prompts the user for his credentials, making him log in twice. There is some overhead in the code, because it runs all request middleware components (only session and auth would be needed). All arguments described in the link above are supported. I use it like this in the apache config: <Location "/protected/location"> PythonPath "['/path/to/proj/'] + sys.path" PythonOption DJANGO_SETTINGS_MODULE myproj.settings PythonOption DjangoPermissionName '<permission.codename>' PythonAccessHandler my_proj.modpython #this should point to accesshandler SetHandler None </Location>

  • authentication
  • apache
Read More

nginx x-accel-redirect protection of static files

This snippet requires nginx as your front end server (for serving static files) and any django enabled server as a backend that only gets the dynamic requests (I use apache with mod_python). If you have no idea what I'm talking about, you probably won't need this snippet. I previously tried something [similar](http://www.djangosnippets.org/snippets/62/) just using mod_python, but this was too unstable for my needs (the PythonAuthenHandler seems to be called multiple times for no apparent reason). The patch from that snippet was also used as a base for [this ticket](http://code.djangoproject.com/ticket/3583). This is part of an authentication mechanism I use for protecting static files. Nginx has the so called x-accel-redirect feature, that tells nginx to serve an internal (read 'protected') file if the backend response has the ['X-Accel-Redirect'] header set. No other headers are touched, but by deleting all relevant headers in the default django response, nginx will create those headers for us. The usage is pretty simple: * set up nginx as a proxy for apache + mod_python + django (google for this if you don't know how) * configure nginx as shown in the code snippet (for testing leave out the internal part to see if the files are accessible) * configure your urls.py to point to the validation view * make your sites hrefs point to the view instead of the file directly (those real urls will be completely hidden from your visitors) * Done!

  • authentication
  • nginx
Read More